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This module should be read in conjunction with the Introduction and with the 
Glossary, which contains an explanation of abbreviations and other terms 
used in this Manual. If reading on-line, click on blue underlined headings to 
activate hyperlinks to the relevant module. 


Purpose 
To set out the minimum standards which the HKMA expects locally 
incorporated Als to adopt in respect of their corporate governance. 
Classification 
A statutory guideline issued by the MA under the Banking Ordinance, 
§7(3). 
Previous guidelines superseded 


Guideline 3.1.1 "Appointment of Alternate directors" dated 16.11.95; 
Guideline on "Corporate Governance of Locally Incorporated 
Authorized Institutions" dated 19.05.00, V.1 dated 21.09.01 and V.2 
dated 03.08.12. 


Application 
To all locally incorporated Als. 


Structure 

1. Introduction 
1.1 Background 
1.2 Application 
1.3 Implementation 

2. Responsibilities of the board 
2.1 General 
2.2 Responsibilities 
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2.3 Setting and overseeing objectives and strategies 
2.4 Risk governance 

2.5 Appointment and oversight of senior management 
2.6 Setting corporate values and standards 

2.7 Remuneration 

2.8 Suitable and transparent corporate structure 

2.9 Internal and external audit 

2.10 Transparency for sound and effective governance 


3. Organisation and functioning of the board 
3.1 Charter 
3.2 Meetings 

4. Board structure 


4.1 Role of the chair 
4.2 Board composition 


5. Specialized committees 
5.1 Objectives and practices 
5.2 Nomination committee 


5.3 Audit committee 

5.4 Risk committee 

5.5 Remuneration committee 
6. Appointment of directors 

6.1 Fit and proper 

6.2 Commitment 

6.3 Succession 

Board qualification and training 

Board performance evaluation 
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9. Governance in group structures 
9.1 Al as a parent or holding company 
9.2 Al as a regulated subsidiary 
10. Controls on structures established on behalf of customers 
11. Supervisory processes for evaluation of governance 
11.1 Supervisory review process 
11.2 Communication with the board and senior management 
11.3 Fit and proper test 
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1. Introduction 


1.1 Background 


1.1.1 


Corporate governance, as far as the banking industry is 
concerned, signifies the manner in which the business and 
affairs of individual Als are directed and managed by their 
board of directors and senior management. It also provides 
the structure through which the strategic objectives of an Al 
are set, the business plan for attaining those objectives is 
determined and the performance of the Al is monitored. 


Given the important financial intermediation role of banks 
within the economy and the consequences of bank failures 
to depositors as well as to the financial system and markets 
in which they operate, effective corporate governance within 
banks is of crucial importance not only to individual banking 
institutions but also to the financial system and the economy 
as a whole. 


The increasingly complex business environment resulting 
from globalisation, innovation in financial products and 
technological advances has intensified risk in the banking 
sector. Against this background, effective corporate 
governance is critically important to ensure that the business 
of Als continues to be managed in a controlled, prudent 
manner. 


1.2 Application 


1.2.1 


This module sets out the HKMA’s supervisory expectations 
in respect of the corporate governance policies and 
practices of locally incorporated Als. It covers the roles and 
responsibilities of the board of directors (“the board”) of an 
Al and its senior management, and sets out a range of 
sound governance principles and practices. Some key 
components of effective corporate governance frameworks 
are also contained in other relevant modules of the 
Supervisory Policy Manual, including: 
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1.2.2 


1.2.3 


e Systems of Control for the Appointment of 
Managers (CG-2) 


e Code of Conduct (CG-3) 


e Establishment of Overseas Banking 
Subsidiaries: §51A (CG-4) 

° Guideline on a Sound Remuneration System 
(CG-5) 

e Competence and Ethical Behaviour (CG-6) 

e Risk Management Framework (IC-1) 

e Internal Audit Function (IC-2) 

° Reporting Requirements Relating to Authorized 


Institutions’ External Auditors under the Banking 
Ordinance (IC-3) 


e Exposures to Connected Parties (CR-G-9) 
e Reputation Risk Management (RR-1) 
e Strategic Risk Management (SR-1) 


This module should therefore be read in conjunction with 
those listed above, as well as any applicable guidance 
issued and updated by the HKMA from time to time. 


All Als are expected to maintain a level of corporate 
governance reflective of the standards set out in this module 
(and those listed above) in a manner commensurate with the 
nature, scale and complexity of their operations. Moreover, 
Als designated by the MA under §3S or §3U of the Banking 
(Capital) Rules as global systemically important Als (“G- 
SIBs”) or domestic systemically important Als (“D-SIBs”) are 
expected to have corporate governance structures that are 
commensurate with their potential impact on financial 
stability in Hong Kong, and in the case of G-SIBs, globally. 


Failure to adhere to the standards set out in this module may 
call into question whether an Al continues to satisfy the 
minimum criteria for authorization in the Banking Ordinance 
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1.3 


and may cast doubt on the fitness and propriety of individual 
directors and shareholder controllers of the Al. 


Nevertheless, in cases where the standards set out in this 
module are not met, it may be acceptable for the Al 
concerned to demonstrate to the reasonable satisfaction of 
the HKMA that the Al has in place alternative measures 
which have the equivalent effect of ensuring sound 
corporate governance. In other words, the HKMA will adopt 
a principles-based approach to assessing the adequacy of 
the Al’s corporate governance arrangements and Als should 
notify the HKMA promptly of, and provide justifications to 
support, their adoption of measures which they consider 
equivalent to those set out in this module. 


Implementation 


1.3.1 


Als are generally expected to implement this revised module 
starting from 1 January 2018. 


2. Responsibilities of the board 


2.1 


2.2 


General 


2.1.1 


The board of an Al has the ultimate responsibility for the 
operations and financial soundness of the Al. In discharging 
its responsibilities, the board should be actively engaged in 
the affairs of the Al and cognizant of material changes in the 
Al’s business and the external environment in which the Al 
operates. Decisions of the board should be taken in a timely 
manner, having regard to the legitimate interests of 
shareholders, depositors and other relevant stakeholders. 


Individual members of the board should act bona fide in the 
interest of the Al, and on an informed and prudent basis, in 
accordance with applicable laws, regulations and 
supervisory standards. 


Responsibilities 
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2.2.1 


2.2.2 


2.2.3 


The key responsibilities of the board of an Al include: 


(i) setting and overseeing the objectives of the Al and 
the strategies for achieving those objectives (see 
subsection 2.3); 


(ii) establishing and overseeing risk governance (see 
subsection 2.4); 


(iii) appointment and oversight of senior management 
(subsection 2.5); 


(iv) setting corporate values and standards (see 
subsection 2.6); 


(v) | overseeing the remuneration policy (see subsection 
2.7); 


(vi) ensuring a suitable and transparent corporate 
structure (see subsection 2.8); 


(vii) ensuring effective audit functions (see subsection 
2.9); and 


(viii) ensuring an appropriate degree of transparency in 
respect of the structure, operation and risk 
management of the institution (see subsection 
2.10). 


In establishing an Al’s organisational structure, the board 
should clearly define in a written document the key 
responsibilities and authorities of the board, senior 
management and internal control functions in general. The 
board should also clearly define appropriate internal 
governance practices and procedures for the conduct of its 
own work and have in place the means to ensure that such 
practices are followed and periodically reviewed. 


The board should establish and maintain a robust finance 
function responsible for accounting and financial data to 
ensure that the Al’s business performance is accurately 
captured and reported to the board, senior management and 
business lines. 
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2.3 Setting and overseeing objectives and strategies 


2.3.1 


2.3.2 


2.3.3 


The board should set and oversee ' the objectives and 
overall strategy of an Al within the applicable legal and 
regulatory framework, taking account of the institution’s long- 
term financial interests, its financial and human resources, 
its exposures to risk, and its ability to manage risk 
effectively. The board should also approve business plans 
for achieving the Aľs objectives and ensure that 
performance against plans is regularly reviewed, with prompt 
corrective action taken as needed. 


Among other things, the board should set out its strategic 
plan for an Al and oversee the Al’s capital adequacy 
assessment process, its capital and liquidity planning and 
the management of the institution (including compliance 
policies and internal control systems) so as to ensure that 
there is adequate capital and sufficient liquidity to cover the 
risk exposures and liquidity needs of the institution. 


The annual budgeting exercise is an integral part of the 
short-term planning and performance monitoring process. 
The board should approve annual budgets and review 
performance against these budgets. 


2.4 Risk governance 


2.4.1 


Risk-taking is an integral part of banking business. The 
board should have a sound understanding of an Al’s 
business activities and their associated risks, and ensure 
that these risks are properly managed. To ensure sound 
risk management, the Al should have an effective risk 
management framework containing a set of robust risk 
governance arrangements and an effective risk appetite 
framework (see IC-1). In particular, the Al should have an 
independent risk management function, under the direction 





1 In the context of board responsibilities, the term “oversee” should be understood to mean “oversee and 
be satisfied with”. 
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of a Chief Risk Officer’, to oversee risk-taking activities. 

Procedures should also be in place to outline the actions to 

be taken by management when risk limits are breached, 

including escalation procedures and board notification, and 
disciplinary actions for excessive risk-taking by individual 
staff.° 

2.4.2 In fulfilling its responsibility to ensure sound risk 
management as described above, the board should: 

° set an Al’s risk appetite framework and ensure that 
it is consistent with the Al’s strategy, business, 
capital and financial plans, as well as risk-taking 
capacity and remuneration systems ; 

° approve the Aľs risk appetite statement and 
oversee the Al’s adherence to the risk appetite 
statement; 

° oversee the development and implementation of risk 
management policies and procedures to ensure that 
the Al’s risks can be identified, monitored and 
controlled, and that the financial and management 
information is reliable, timely and complete; and 

° ensure that the Aľs internal control functions 
(including risk management function, internal audit 
function and compliance function) are properly 
positioned, staffed and resourced and carry out their 
responsibilities independently, objectively and 
effectively. 

2.4.3 Fostering a strong risk culture within an Al is important for 


effective risk governance. Risk culture reflects an Al’s 
attitude and behaviour with respect to its risk awareness, 
risk-taking and risk management, and controls that shape 
decisions on risks. In addition to overseeing senior 


? Chief Risk Officer refers to the person responsible for the risk management function. 


3 Als are also required to have adequate internal systems for assessing capital adequacy in relation to 
the risks they assume (see CA-G-5). 
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2.4.4 


management in maintaining sound risk culture, the board 
should promote risk awareness and a strong culture of 
adhering to risk limits and managing risk exposures. The 
board should convey the expectation that it does not support 
excessive risk-taking under any circumstances and that all 
staff are responsible for helping the Al to operate within the 
established risk appetite and risk limits. The board should 
also encourage open communication and challenge about 
risk-taking across the Al as well as vertically to and from the 
board and senior management. 


These risk governance arrangements should be subject to 
regular review by the board to ensure that they remain 
adequate and consistent with an Al’s operating environment, 
and are able to support business expansion. The board (or 
its audit committee) should consider to periodically obtain an 
independent assessment (from the internal audit function, or 
an external consultant as appropriate) of the design and 
effectiveness of the risk governance arrangements of the Al. 


2.5 Appointment and oversight of senior management 


2.5.1 


2.5.2 


Whilst the board is ultimately responsible for the conduct 
and financial soundness of an Al, the appointment of 
competent management is key to achieving the objective of 
a soundly and efficiently run Al. The board works with senior 
management to achieve this and senior management 
remains accountable to the board. 


Senior management are responsible and accountable for 
running an Al on a day-to-day basis, and should ensure that 
the Al’s activities are consistent with the business strategy, 
risk appetite and policies approved by the board. In 
particular, they are responsible for: 


° implementing the business and risk strategies 
approved by the board, and the risk 
management systems, processes and controls 
for managing both the financial and non- 
financial risks to which the Al is exposed, and 
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cultivating the risk culture promoted by the 
board; 


° providing the board with regular, adequate and 
comprehensible information in relation to 
material matters’; 


° ensuring that the risk appetite is appropriately 
translated into risk limits for business lines and 
legal entities, and that those limits are consistent 
with the Al’s overall risk appetite, even under 
stressed conditions; 


° putting in place processes for reviewing the Al’s 
risk exposures and ensuring that they are kept 
within the risk limits set; 


° ensuring that the risk management, compliance 
and internal audit functions work as intended 
and independently; 


° establishing a compliance policy that contains 
the basic principles to be approved by the board 
and explains the main processes by which 
compliance risks are to be identified and 
managed through all levels of the organisation; 


° actively communicating and consulting with the 
control functions on management's major plans 
and activities; 


° establishing an effective management 
information system to report to the board and 
senior management, in a comprehensible format 
fit for their respective use, on a timely basis; 





4 Matters which depending upon their significance (in terms for e.g. size, potential impact, repetition or 
recurrence) could be material include implementation of business strategy, risk strategy or risk 
appetite approved by the board; performance and financial conditions; breaches of risk limits or 
compliance rules; internal control failures; legal or regulatory concerns; as well as any issues raised 
through the Al’s internal communication (or whistleblowing) procedure (see paragraph 2.6.7). 
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2.5.3 


2.5.4 


° establishing a management structure that 
promotes accountability and transparency 
throughout the organisation, and facilitates 
delegation of duties to staff, and oversight of 
those they manage; and 


° ensuring the competence of the managers and 
staff responsible for the business and internal 
control functions of the Al, with appropriate 
programmes to recruit, train and retain employees 
with suitable skills and expertise. 


The board should adopt a formal document setting out 
clearly the role, responsibilities, accountability and reporting 
lines of senior management. Delegations of authority from 
the board to senior management should be formal and clear. 


The board is ultimately responsible for the appointment and 
removal of the senior management of an Al. Senior 
management should have the necessary experience, 
competencies and integrity to manage the business and staff 
under their supervision. Senior management should be 
selected through an appropriate promotion or recruitment 
process which takes into account the qualifications for the 
position in question. In particular, the board should: 


° appoint a chief executive (including an alternate 
chief executive) with integrity, technical 
competence and experience in banking 
business which enables him to administer the 
Aľs affairs effectively and prudently; 


° oversee the appointment of other senior 
executives? (see CG-2) and ensure that they 
are fit and proper to manage and supervise the 
Al’s key business and internal control functions; 


5 Such as the chief financial officer, chief risk officer, division or department heads and the head of 
internal audit function and the head of compliance. 
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2.5.5 


2.5.6 


e ensure that appropriate succession plans are in 
place for senior management; and 

° actively engage in succession plans for the chief 
executive and other key senior executives as 
appropriate. 


The board should review and approve performance 
objectives for, and written standards (within the context of an 
Al’s remuneration policy) governing the remuneration of, 
key members of senior management (which should include 
at least the chief executive and alternate chief executive, 
and preferably also those senior executives who report 
directly to them), and should likewise ensure that 
performance objectives and remuneration standards are set 
for all other senior management, which in each case are 
consistent with the long-term objectives, strategy and 
financial soundness of an Al. The board should put in place 
effective systems of control to monitor senior management’s 
performance against the performance objectives and 
assessment criteria within the remuneration standards on a 
continuing basis. 


The board should oversee senior management's 
implementation of the overall risk governance arrangements 
of an Al. The board should monitor the consistency of 
senior management's actions with the strategy and policies 
approved by the board, and enumerate the possible 
consequences if the actions of senior management are not 
aligned with the board’s performance expectations, including 
adherence to the Al’s values, risk appetite and risk culture. 
In doing so, the board should assess whether senior 
management's collective knowledge and expertise remain 
appropriate given the nature of the business and the Al’s risk 
profile. 


ê See CG-5 section 2.1. 
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2.6 


2.5.7 


2.5.8 


The board should meet regularly with senior management 
and internal control functions (including those responsible for 
internal audit, risk management and compliance) to review 
policies and controls in order to identify areas that need 
improvement and address significant risks and issues. In its 
dialogue with senior management, the board should 
question and review critically explanations and information 
provided by senior management. 


The board should ensure that senior management has 
access to regular training to maintain and enhance their 
competencies and to keep themselves updated on industry 
and regulatory developments relevant to their areas of 
responsibility. 


Setting corporate values and standards 


2.6.1 


2.6.2 


2.6.3 


The board and senior management should demonstrate 
consistently through their own actions and behaviour that 
they have a strong commitment to high ethical and 
professional standards. 


The board should set and adhere to professional standards 
and corporate values that promote ethical and responsible 
professional behaviour amongst an Als staff (including 
senior management and members of the board). The board 
should oversee senior managements role in fostering and 
maintaining sound corporate culture and confirm that 
appropriate steps are taken to communicate throughout the 
Al the professional standards and corporate values it sets. 


Such professional standards and corporate values should be 
reflected in the code of conduct issued by an Al and should 
articulate acceptable and unacceptable behaviour, clearly 
disallow behaviour that could result in the Al engaging in any 
improper or illegal activity and require that business be 
conducted in accordance with applicable laws, regulations, 
standards and guidelines issued by the HKMA and other 
relevant regulatory authorities. The code should make clear 
that employees are expected to conduct themselves and 
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2.6.4 


2.6.5 


2.6.6 


2.6.7 


their activities in an ethical manner and perform their duties 
with due skill, care and diligence. See CG-3. 


To address the risk of misconduct, which may arise from a 
variety of sources including the mis-selling of financial 
products to retail or business customers, the violation of 
national rules or international standards (e.g. tax, anti-money 
laundering or sanctions regulations) or the manipulation or 
attempted manipulation of markets, the board and senior 
management should define conduct risk and standards of 
behaviour to protect the interests of customers and 
stakeholders within the context of, and by reference to, an 
Ai’s own business profile. 


Satisfactory levels of ethical and professional behaviour 
amongst staff are key to ensuring that an Al’s business is 
carried on with integrity and prudence and in a manner 
which is not detrimental to the interests of depositors. 
Therefore, the board should act to ensure that a culture of 
ethical and professional behaviour is embedded within the Al 
at both the institution and individual staff levels. Staff 
recruitment and appraisal systems should be designed to 
include ethics, professionalism and integrity as key 
assessment factors. Ethical and corporate values as well as 
professional behaviour should form part of any induction 
course provided for newly recruited staff and Als are 
encouraged to regularly provide specific training on ethical 
issues for all of their staff. See CG-6. 


An Al should take all reasonable steps to ensure that every 
staff member fully understands the ethical and corporate 
values of the Al and the behaviour expected of them in the 
discharge of their duties in the day to day operations of the 
Al, and is aware that appropriate disciplinary or other actions 
will follow unacceptable behaviour and transgression. 


In maintaining and supporting an Al’s corporate values and 
ethical standards, the critical importance of timely and frank 
discussion and escalation of problems should be 
recognized. In this regard, Als should have a well 
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communicated policy setting out procedures for their staff to 
communicate, in confidence and without the risk of reprisal, 
material and bona fide concerns or observations of any 
violations. _ Communication should be allowed to be 
channelled to the board — directly or indirectly (e.g. through 
an independent audit or compliance process) — independent 
of the internal “chain of command”. The board should have 
oversight of any such “whistleblower” policy mechanism and 
ensure that senior management address legitimate issues 
that are raised. The board should oversee and approve how 
and by whom legitimate material concerns are to be 
investigated and addressed whether by an independent 
internal or external body, senior management and/or the 
board itself. 


Conflicts of interest 


2.6.8 


2.6.9 


2.6.10 


The board should establish and oversee the implementation 
and operation of effective policies to identify actual and 
potential conflicts of interest so that they can be prevented 
or, if this is not possible, at least appropriately managed. 


There should be a written policy that identifies the 
relationships, services, activities or transactions of an 
institution in respect of which conflicts of interest may arise 
and sets out measures for prevention or management of 
these conflicts. 


There should be controls to prevent directors and employees 
from benefiting from the improper use of confidential 
information or otherwise from advantages offered to them 
which may lead to unfair, improper or, in the extreme, illegal 
behaviour. Als which are listed should adopt a policy on 
insider trading no less comprehensive than that provided for 
in the model code for listed companies issued by the Stock 
Exchange of Hong Kong Limited (“SEHK”), and should have 
adequate procedures and systems in place to ensure 
compliance and report any deviations that are identified. 
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2.6.11 Relationships and transactions which may create conflicts of 
interest include those between different customers or clients 
of an institution and those between an institution and: 


its customers (as a result of the business model 
and/or the various services and activities 
provided by the institution); 


its shareholders; 
the members of its board; 
its staff; and 


other related institutions (e.g. its parent 
company or subsidiaries). 


2.6.12 The measures to be adopted to prevent or manage conflicts 
of interest include: 


adequate segregation of duties; 


establishing information barriers such as 
physical separation of certain departments; and 


preventing directors, senior management and 
other staff members of an Al who are also active 
outside the institution (e.g. acting as a director of 
another commercial entity) from having 
inappropriate influence within the institution in 
respect of matters which have some connection 
with, or touch upon, their outside activities. This 
could include lending to a company of which one 
of the directors is also a director or a member of 
the senior management of the Al. 


2.6.13 For managing any conflicts of interest of its members, the 
board should have a formal board-level conflicts of interest 
policy (in addition to that referred to in paragraph 2.6.9) and 
an objective compliance process for implementing the policy. 
The policy should cover: 
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e a member’s duty to avoid, to the extent possible, 
activities that could create conflicts of interest or 
the appearance of conflicts of interest; 


° examples of where conflicts can arise when 
serving as a board member; 


e a rigorous review or approval process for 
members to follow before they engage in certain 
activities (such as serving on another board) so 
as to ensure that such activity will not create a 
conflict of interest; 


° a member’s duty to promptly disclose any matter 
that may result, or has already resulted, in a 
conflict of interest; 


e a member's responsibility to abstain from voting 
on any matter where the member may have a 
conflict of interest or where the member’s 
objectivity or ability to properly fulfil his duties to 
the Al may be otherwise compromised; and 


e the board’s approach to dealing with any non- 
compliance with the policy. 


2.6.14 In cases where board members are appointed by a 


controlling shareholder or other stakeholders, the board 
should consider setting out specific procedures or regularly 
conduct reviews to ensure that the board members 
concerned are qualified and have appropriately discharged 
their responsibilities in the best interest of the Al regardless 
of who appoints them. 


Connected lending 
2.6.15 There is a potential conflict of interest when an Al lends to a 


connected party. Therefore, connected lending should be 
monitored with particular care, and appropriate steps taken 
to control or mitigate the risks of such transactions. For 
example, the terms and conditions of loans granted to 
connected parties should not be more favourable than loans 
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2.6.16 


2.6.17 


granted to non-related borrowers under similar 
circumstances. The board should ensure that the Al 
establishes a policy on such lending. Senior management, 
under the oversight of the board, should establish control 
mechanisms to ensure that such policy is adhered to. The 
policy, and any changes to it, should be reviewed and 
approved by the board. See CR-G-9. 


§83 of the Banking Ordinance limits unsecured advances of 
locally incorporated Als to connected parties. This is to 
reduce the risk of improper and excessive lending to 
connected parties which may jeopardise an Al’s interests or 
be detrimental to its financial position. A breach of §83 is a 
serious offence which may result in fines and/or 
imprisonment. 


The board and senior management should fully understand 
the Al’s legal obligations under the Banking Ordinance in 
relation to connected lending. Although §83 of the Banking 
Ordinance only applies to unsecured lending, care should 
also be taken by Als when granting secured credit facilities 
to connected parties. 


2.7 Remuneration 


2.7.1 


A sound remuneration system forms a key component of an 
Al’s governance structure. The board (or its remuneration 
committee) should oversee senior managemenfťs 
implementation of the Al’s remuneration system, including 
monitoring and reviewing the remuneration of senior 
management and assessing whether the Aľs overall 
remuneration policy is in line with its risk appetite, risk 
culture and long-term interests. The board should approve 
the remuneration packages of the chief executive (including 
the alternate chief executive), heads of control functions and 
other key positions’. The board should also ensure that 
remuneration and performance measures for staff in the 


f Including those referred to in paragraph 2.1.7 of CG-5. 
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2.7.2 


internal control functions (including risk management and 
compliance) are determined independently from the 
business overseen so that the independence of these staff 
members is not compromised. 


SPM module CG-5 provides guidance on the key elements 
of a sound remuneration system and the approach of the 
HKMA in supervising Als’ remuneration systems. In 
particular, the module provides that the board of an Al 
should establish and maintain a written remuneration policy 
to ensure that the Al’s overall approach to risk management 
is supported, and not undermined, by the remuneration 
arrangements for employees whose activities during the 
course of their employment (individually or collectively) could 
have a material impact on the Al’s risk profile and financial 
soundness. 


2.8 Suitable and transparent corporate structure 


2.8.1 


2.8.2 


Where an Al creates structures for legal, regulatory, fiscal or 
product-offering purposes in the form of units, branches, 
subsidiaries or other legal entities, their number and, 
particularly, the interconnections and transactions between 
them, may pose challenges for the design of the Al’s 
corporate governance structure and for the management 
and oversight of the risks of the Al or the Al group as a 
whole (where the Al has subsidiaries). 


The board and senior management of an Al should 
understand and guide the institution’s structure and 
organisation and ensure that organisational complexity does 
not prevent effective control of the institution's or the Al 
group’s activity in its entirety. For this purpose, the board 
should set clear strategies and approve policies for the 
establishment of new units, branches, subsidiaries or other 
legal entities within the Al’s or the Al group’s organisational 
structure and should ensure that they are consistent with the 
policies and interests of the Al and the group. New 
structures should be approved only if the material risks 
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2.8.3 


2.8.4 


associated with the structures can be properly identified, 
assessed and managed. If the risk management process is 
not adequate to monitor and control the structure, then such 
structure should be delayed until the risks can be 
appropriately addressed. There should also be a process to 
assess risk and performance relative to initial projections 
and to adapt the risk management treatment accordingly as 
the business matures. 


The board should assess whether there are effective 
systems in place to facilitate the exchange of information 
among the various units, branches, subsidiaries or other 
legal entities within the organisational structure to manage 
the risks of individual entities as well as the group as a 
whole, and to ensure effective oversight of the group. The 
board should ensure that it keeps itself informed about the 
risks posed by the group structure. 


In accordance with the strategy and policies set by the 
board, senior management (and the board as appropriate) 
should, among other things: 


e avoid setting up unnecessarily complicated 
structures (e.g. structures that lack economic 
substance or business purpose); 


e have a centralised process for approving the 
creation of new legal entities based on established 
criteria, including the ability to monitor and fulfil, on 
an ongoing basis, the requirements applicable to 
each entity (e.g. regulatory, tax, financial reporting, 
and governance); 


e continually maintain and review the appropriate 
policies, procedures and processes governing the 
approval and maintenance of new structures; and 


e ensure that the approved structures and the 
activities conducted within them are subject to 
regular internal and external audit reviews. 
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2.9 


2.8.5 


2.8.6 


Prior to setting up new structures or initiating new activities, 
an Al should make an assessment of the structures or 
activities, which would include: 


e a full vetting of the purpose of the structures or 
activities; 


e identifying and assessing the associated risks of 
setting up the structures or activities, e.g. lack of 
management transparency, operational risk 
introduced by interconnected and complex funding 
structures, intragroup exposures, trapped collateral 
and counterparty risk; 


e assessing the Al’s ability to manage the risks when 
the structures or activities are established. 


For the purpose of enhancing the sound governance of an 
Al’s banking group, internal audits conducted on individual 
entities could be complemented with regular assessments of 
the risks posed by the group’s structure. Periodic reports 
that assess the Al’s overall structure and individual entities’ 
activities, confirm compliance with the strategy previously 
approved by the board, and disclose any possible 
discrepancies could be useful for the audit and risk 
committees, senior management and the board of the parent 
company. 


Internal and external audit 


General 


2.9.1 


The board should recognise the importance of the audit 
process and communicate this throughout the Al. It should 
review carefully, and make use in a timely and effective 
manner of, the findings of both internal and external 
auditors. The deliberations of the board on whether or not 
the auditors’ recommendations are accepted should be 
documented so that auditors’ recommendations are properly 
dealt with. Where the review is carried out by an audit 
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committee, key issues should be brought to the full board’s 
attention. 


Internal audit 


2.9.2 


2.9.3 


2.9.4 


An effective internal audit function is essential to the sound 
corporate governance of an Al as it provides independent 
assurance to the board and senior management with respect 
to the quality and effectiveness of the Al’s internal control 
systems and risk governance arrangements. To ensure its 
effectiveness, the internal audit function should be 
independent from the business units and other internal 
control functions. 


The internal audit function should have a clear mandate and 
sufficient standing, skills, resources and authority within the 
Al. It should have a direct reporting line and unfettered 
access to the board and/or the audit committee in order to 
ensure both its operational independence and the prompt 
and direct reporting of its findings. In order to discharge its 
functions, the internal audit function should have full and 
unconditional access to any records, file data, meeting 
minutes and physical properties of the Al. See IC-2 for the 
detailed role and responsibilities of the internal audit 
function. 


The board should approve the appointment or dismissal of 
the head of internal audit, and in case of resignation, the 
board should be notified promptly of the resignation and any 
reasons given therefor (see also paragraph 2.10.3). The 
board may, where appropriate, delegate such authority to its 
designated audit committee. 


External audit 


2.9.5 


External auditors play an important role in relation to an Al’s 
corporate governance structure as they provide the board 
with an independent opinion on the adequacy and 
effectiveness of the Al’s financial reporting, including the 
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2.9.6 


2.9.7 


2.9.8 


reasonableness of the judgements, estimates and 
presentation used in the accounts. 


Apart from fulfilling the legal obligation (see IC-3) to give a 
statutory opinion on financial statements, external auditors 
will normally draw the attention of the board to other 
significant matters identified during the course of their audit 
work by way of a management letter and provide 
recommendations for improvement as appropriate (e.g. 
material weaknesses identified in the Al’s internal control 
system). 


Given the importance of external audit in the context of an 
Aľs corporate governance process, the audit committee 
should establish a robust process for approving the 
appointment (or recommending full board approval of the 
appointment), reappointment, removal and remuneration of 
the external auditors. The selection criteria for external 
auditors should ensure that the external auditors appointed, 
whether for financial or prudential audit purposes, are 
competent with the appropriate skills, knowledge, 
experience and resources to perform the tasks required of 
them, and are independent of the Al and capable of forming 
an objective and impartial judgement in relation to the work 
undertaken for the Al. 


To reinforce the independence of external auditors, the 
board should, as good practice, rotate its external auditors 
(either the audit firm or individuals within the firm) from time 
to time. 


2.10 Transparency for sound and effective governance 


2.10.1 Transparency is essential for sound and effective corporate 


governance. Public disclosure with respect to key areas of 
corporate governance by Als can help shareholders, 
depositors and market participants to assess and monitor 
the effectiveness of the board and senior management and 
properly hold them accountable. Therefore, Als are expected 
to disclose relevant and useful information in this area 
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commensurate with their size, complexity, structure, 
economic significance and risk profile. The disclosure 
should be in compliance with any legal and regulatory 
disclosure requirements, clear, accurate, timely and 
accessible. 


2.10.2 Disclosure by an Al should be made whenever relevant but 
at least annually and include, but not be limited to, 


° material information on the Aľs objectives, 
organisational and governance structures and 
policies (in particular the content of any code of 
conduct or other corporate governance code or 
policy and the process by which it is 
implemented); 


° key points concerning its risk appetite, including 
the process for defining it, the nature of the risks 
it covers and which the Al is therefore prepared 
to assume, the scenario, metrics (qualitative and 
quantitative) and time horizons the Al uses to 
articulate its risk appetite and the measures it 
uses to ensure risks are controlled within the 
appetite (without disclosing commercially 
sensitive information). A description of board 
involvement in the process should also be 
provided; 


° information about board members, including 
their qualifications, directorships of other 
companies, other executive positions held, and 
whether they are independent non-executive 
directors (“INEDs’)°; 


° the approach for recruitment and selection of 
members of the board (in so far as the 
sensitivity of the information will not be 


8 See paragraph 4.2.3. 
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2.10.3 


2.10.4 


disadvantageous to the Al) and for ensuring an 
appropriate diversity of skills, backgrounds, and 
viewpoints; 


° the committees established by the board, their 
roles, functions, composition (including 
members who are INEDs), and number of times 
these committees have met; 


e remuneration information as set out in CG-5; 


° major share ownership and voting rights and 
related party transactions; and 


e adequate information regarding the purpose, 
strategies, structures, risks and controls around 
material and complex or non-transparent 
structures”. 


Whenever a person is appointed or ceases to act in the 
capacity of head of internal audit function or chief risk officer, 
the Al concerned should inform the HKMA in a timely 
manner with relevant information (e.g. qualification of the 
new appointee and the circumstances appertaining to the 
change in personnel), and make public disclosure. The 
HKMA may consider meeting with the outgoing head of 
internal audit function or chief risk officer after he has been 
relieved of his duties. 


The Banking (Disclosure) Rules (“BDR”) made by the MA 
under section 60A of the Banking Ordinance prescribe 
information to be disclosed by Als (“section 60A disclosure”), 
and the manner in which, times at which and periods during 


? For the purpose of this module, a “complex or non-transparent structure” would generally refer to a 
structure that involves a number or layers of legal entities, and chains of activities, services, operations 
and products that create extensive interconnections and intra-group transactions among the entities 
such that it is difficult for supervisors and stakeholders of the Al concerned to reasonably assess the 
risks to which the Al as a whole is exposed. This would include, for instance, transactions involving 
the creation of special purpose vehicles to accommodate or facilitate transfer of credit risk, particularly 
where the Al remains potentially exposed to any residual risk, not immediately apparent or transparent 
in terms of nature or amount. 


26 








HONG KONG MONETARY AUTHORITY 
EYE ae ih E BE a 





Supervisory Policy Manual 








CG-1 





Incorporated Authorized Institutions 


Corporate Governance of Locally V.3 — 06.10.2017 








2.10.5 


which such information shall be so disclosed. Section 5 of 
the BDR provides that a locally incorporated Al must have a 
formal disclosure policy approved by the board that 
addresses the Al’s approach for determining the content, 
appropriateness and frequency of the section 60A disclosure 
it makes and the internal controls over the disclosure 
process. 


The objective of the BDR is to set out the minimum 
standards for the public disclosure which an Al must make, 
so as to allow market participants to assess the risk 
exposure of the Al and how the risks are managed by the Al. 
It is important that Als convey, through their public 
disclosure, their actual risk profile to market participants and 
other stakeholders and if the fulfilment of this objective 
requires disclosure beyond the minimum standards in the 
BDR, Als should provide such additional disclosure. As 
market discipline can contribute to a safe and sound banking 
environment, the HKMA as a general principle encourages 
Als to make more extensive voluntary disclosures where 
relevant and practical for them to do so. 


3. Organisation and functioning of the board 


3.1 Charter 


3.1.1 


The board should maintain and periodically update 
organisational rules, by-laws, or other similar documents 
setting out the boards organisation, authorities, 
responsibilities and key activities. 


The board should define and document appropriate 
governance practices and procedures for its own work in line 
with the provisions of an Al’s constitutional documents. The 
practices and procedures should include the size, frequency, 
and working procedures of meetings, the format of the 
minutes of meetings, the role of the chair and the use of 
committees. These practices and procedures should 
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support the efficacy of the board’s work, particularly with 
regard to facilitating and ensuring a sufficiently indepth 
review of the matters to be considered, and robust, critical 
challenge and discussion of issues. The board should 
periodically review its governance procedures and practices, 
determine where improvements may be needed, and make 
any necessary changes. 


3.2 Meetings 


3.2.1 


3.2.2 


3.2.3 


The board can only fulfil its responsibilities effectively if it 
meets sufficiently frequently, and receives sufficient 
information from management to enable it, to monitor the 
financial condition and performance of the Al. In the 
absence of an active, engaged board, a leadership vacuum 
will likely be created and this vacuum may be filled either by 
major shareholders becoming directly involved in the running 
of an Al's affairs or by the executive management. In either 
case, the board would be bypassed and checks and 
balances lost, in particular through the inability of INEDs to 
play an oversight role. 


Meetings of the board of an Al should preferably therefore 
be held on a monthly basis but in any event no less than 
once every quarter. The board should ensure that it 
receives sufficient information from management, board 
committees and those responsible for internal control 
functions to enable its members to fulfil their responsibilities. 
Such information should be provided in a suitable format to 
facilitate board members’ comprehension and should be 
accurate and delivered to members in a timely manner to 
enable them to prepare in advance for board meetings and 
other relevant discussions. In addition, the board should 
have timely access to any other information which its 
members may request. 


To document the fulfilment of their respective 
responsibilities, the board and its specialized committees 
should keep full minutes of all their meetings. Such minutes 
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should cover matters reviewed, discussions on key 
deliberations, decisions taken and dissenting opinions. 


4. Board structure 


4.1 


Role of the chair 


4.1.1 


The chair should provide leadership to the board and be 
responsible for the overall effective functioning of the board. 
The chair should possess the requisite experience, 
competencies and personal qualities to fulfil his 
responsibilities. 


The chair should ensure that board decisions are taken on a 
sound and well-informed basis and in the best interest of the 
Al. To this end, the chair should, among other things: 


° set the agenda for board meetings and ensure 
that all directors are given an opportunity to 
include matters on the agenda; 


° ensure that directors receive accurate, timely, 
complete and clear information sufficiently in 
advance of board meetings; 


° encourage and promote open and critical 
discussion; 
° ensure that any concerns and dissenting views 


can be freely expressed and discussed within 
the decision making process; 


° encourage constructive relations and effective 
communication between the board and 
management, and among executive directors, 
non-executive directors and INEDs; 


° ensure that directors, especially non-executive 
directors and INEDs, have access to 
independent professional advice at the Als 
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expense where they judge it necessary to 
discharge their responsibilities; and 


° dedicate sufficient time to the exercise of his 
responsibilities. 


To achieve appropriate checks and balances, increased 
accountability and greater independence in board decision- 
making, the chair should be an INED or non-executive 
director. In very exceptional cases where an Al intends to 
appoint an executive director to be the chair of the board, it 
should promptly discuss with the HKMA the reason for such 
proposed appointment and demonstrate to the HKMA’s 
satisfaction that the Al has alternative measures to mitigate 
any adverse impact on the working of the board. 


4.2 Board composition 


4.2.1 


The board should have an adequate number and 
appropriate composition of members to ensure sufficient 
independence (in the sense described below) and collective 
expertise for effective, objective decision-making. The size 
and composition of the board will vary from institution to 
institution depending upon the size, complexity and risk 
profile of an Al and the nature and scope of its activities. In 
assessing the collective suitability of board members, the 
following should be taken into account: 


° the board members should possess a range of 
knowledge and experience in relevant areas and 
varied backgrounds to promote diversity of views; 


e the board collectively should have a reasonable 
understanding of local, regional and global 
economic and market forces and of the legal and 
regulatory environment. In this context, 
international experience, where relevant, should be 
considered; and 
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4.2.2 


4.2.3 


4.2.4 


4.2.5 


4.2.6 


° individual board members’ attitudes should 
facilitate communication, collaboration and critical 
debate in the decision-making process. 


The board of an Al should maintain an appropriate level of 
checks and balances to counter the influence of 
management or of shareholder controllers in order to ensure 
that decisions are taken with the Al’s best interests in mind. 


The key characteristic of “independence” in relation to 
directors is the ability to exercise objective, independent 
judgement after fair consideration of all relevant information 
and views, without undue influence from executives or from 
external parties. An INED means a director who does not 
perform any executive functions within the Al and is not 
under any other undue influence, internal or external, 
political or arising through the incidents of ownership or 
otherwise, that would impede his exercise of independent 
and objective judgement. Some non-executive directors 
may represent the interests of an Al’s shareholders or have 
some other form of connection with the Al, which means that 
they cannot be considered as independent. 


INEDs play an important role in providing the necessary 
checks and balances to ensure that an Al operates in a safe 
and sound manner and that its interests are protected. 
INEDs can also assist by bringing in outside experience and 
providing objective judgement. They are particularly useful 
in a monitoring role, e.g. as members of the audit committee. 


In order to ensure sufficient independence of the board of 
licensed banks or of any other Al which may be designated 
by the MA under §3S or §3U of the Banking (Capital) Rules 
as systemically important, either one-third or three of their 
board members, whichever is higher, should be INEDs and 
at least two of these INEDs should possess a background in 
accounting, banking or other relevant financial industry. 


Restricted licence banks and deposit-taking companies 
(other than any designated by the MA as systemically 
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4.2.7 


4.2.8 


important) are strongly encouraged to appoint at least three 
INEDs to their boards. There may however be cases where 
a restricted licence bank or deposit-taking company 
considers this impracticable in the light of its small size or 
generally narrow scope of operations. In such 
circumstances, the HKMA will nevertheless expect the 
restricted licence bank or deposit-taking company to include 
an appropriate number of INEDs (or at least non-executive 
directors) on its board. While the appropriate number will 
vary on a case-by-case basis (depending on a number of 
factors including the size of the Al, the total number of 
directors on the board and whether the Al is majority-owned 
by a bank incorporated in or outside Hong Kong), there 
should at least be one INED with background in accounting, 
banking or other relevant financial industry. 


Als should notify the HKMA of the names of the directors 
who are considered to be independent (i.e. INEDs) and the 
criteria supporting this judgement. In assessing the 
independence of such directors, the HKMA will take account 
of various factors such as their direct or indirect financial or 
other interest in the business of the Al", their relationship, if 
any, with significant shareholders of the Al, and the length of 
their service on the board, in particular whether they have 
served for a significantly long period of time under the same 
chair or chief executive which could potentially undermine 
their objectivity and independence. 


The HKMA may require an Al to appoint additional directors 
who can be regarded as more fully independent if it is not 
entirely satisfied that there is an adequate independent 
element on the board. 





10 Any banking relationship between an Al and a director of the Al (or company connected with that 
director) should be on an arm’s length basis and on normal commercial terms. Where such a 
relationship is significant to either the Al or the director (or company connected with that director), the 
Al should consider whether that may prevent the director from being considered independent. 
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5. Specialized committees 


5.1 Objectives and practices 


5.1.1 


Although the board is ultimately responsible for the conduct 
of an Al’s affairs, it may be beneficial for the oversight of 
certain major functional areas to be delegated to specialized 
committees of the board (specialized committees). All such 
specialized committees should be established with formal 
and clear delegation of authority by the board and be 
provided with sufficient resources to perform their duties. 
Each specialized committee’s objective and terms of 
reference should include authorities, responsibilities, 
membership, meeting frequency and working procedures 
(including how the committee will report to the board and 
tenure limit for members serving on the committee). The 
objective and terms of reference of the committee should be 
set out clearly in a written document, regularly reviewed and 
updated appropriately. 


The board should appoint members to specialized 
committees with the goal of achieving an optimal mix of skills 
and experience that, in combination, allows the committees 
to fully understand, and objectively evaluate the relevant 
issues which they will need to consider and address. In 
order to achieve the needed objectivity, the committees 
should have in their membership a sufficient number of 
INEDs and be chaired by an INED."’ There should be a 
regular and transparent communication mechanism between 
the board and its specialized committees to ensure 
continuous and robust dialogue and information sharing. 
The committees should also interact with each other as 
appropriate to ensure consistency and compatibility in their 
actions and minimise any potential for gaps (e.g. information 





11 For restricted licence banks and deposit-taking companies which are not designated by the MA under 
§3S or §3U of the Banking (Capital) Rules as systemically important and which may have a limited 
number of INEDs to meet the INED membership requirement for specialized committees, non- 
executive directors should be appointed in such cases. 
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gaps) in risk management oversight. For instance, there 
should be effective communication and coordination 
between the audit committee and the risk committee to 
facilitate the exchange of information and effective coverage 
of all risks, including emerging risks, and any needed 
adjustments to the risk governance arrangements of an Al. 
To avoid undue concentration of power, the board should 
consider occasional rotation of members and of the chairs of 
specialized committees. 


Each specialized committee should maintain appropriate 
records of its deliberations and decisions. Each committee 
should report regularly to the board on its decisions and 
recommendations. However, the board remains ultimately 
responsible for the decisions taken. Where necessary, each 
specialized committee should be able to seek independent 
expert advice at the Al’s expense. 


It is generally expected that a locally incorporated Al will 
establish a nomination committee, audit committee, risk 
committee and remuneration committee (see also 
subsections 5.2 to 5.5). In addition, the board of an Al 
should establish other specialized committees as necessary 
to manage different areas of an Al’s business operations 
and risk management. For instance, the board should either 
establish a standalone culture committee, which should be 
chaired by an INED, or charge one of its existing committees 
(for example the remuneration committee) with the 
responsibility for reviewing regularly the effectiveness of the 
Al’s measures to promote a sound corporate culture and 
supporting the board on culture-related matters (see 
subsection 2.6). 


For a restricted licence bank and deposit-taking company 
(other than one designated by the MA under §3S or §3U of 
the Banking (Capital) Rules as systemically important) with a 
relatively small and simple business operation and low risk 
profile, it may be acceptable for its board: 
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e to rely on the audit committee of the Al’s holding 
company; and 


e to rely on other specialized committees of the Al’s 
holding company”, or not to establish such specialized 
committees so long as the board can dedicate 
sufficient time and resources to carrying out its 
responsibilities in the relevant specific area(s). 


Als wishing to adopt such or similar practices should consult 
the HKMA and be prepared to justify the merits of their 
proposed approach in their specific circumstances. 


Where the relevant board committee(s) of the holding 
company of a restricted licence bank or deposit-taking 
company is relied upon, it should be satisfied that: 


(i) the Al is wholly-owned by that holding company; 


(ii) the holding company is regulated as a bank under a 
recognised banking supervisory authority; 


(iii) the board committee has attributes consistent with the 
requirements set out in this module and any other 
relevant modules as appropriate 1’; 


(iv) the composition of the board committee at the holding 
company level is consistent with section 5; and 


(v) the board committee oversees the relevant functional 
area(s) in respect of the Al. 


It should be noted that reliance on board committees at the 
holding company level should not relieve the board of an Al 
of its own governance and oversight responsibilities (see 
also subsection 9.2). 


Specific requirements 


12 In this context, holding company could be the intermediate holding company or the ultimate holding 


company of the Al. 


g CG-5, IC-1 and IC-2 among others in the case of remuneration committee, risk committee and audit 
committee respectively. 
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5.2 Nomination committee 


5.2.1 


5.2.2 


5.2.3 


5.2.4 


The majority of the nomination committee members 
(including the chair) should be INEDs. 


The key objectives of the nomination committee include the 
following: 


e identifying individuals suitably qualified to 
become members of the board or of senior 
management, and selecting, or making 
recommendations to the board on the selection 
of, individuals nominated for directorships and 
senior management positions (based on the role 
and its responsibilities and the knowledge, 
experience and competence which the role 
requires); and 


° making recommendations to the board on the 
appointment or re-appointment of directors and 
succession planning for directors, in particular 
the chair and the chief executive. 


The nomination committee may also undertake board 
performance evaluation to assist the board in reviewing the 
efficiency and effectiveness of the functioning of the board 
(see section 7). 


The nomination committee should ensure objectivity and 
independence in the selection process for board members 
and senior management. The committee should also strive 
to ensure that the board is not dominated by one individual 
or small group of individuals in a manner that is detrimental 
to the interests of the Al as a whole. 


5.3 Audit committee 


5.3.1 


The audit committee should be distinct from any other 
committee and made up of non-executive directors, the 
majority of whom should be independent. The chair should 
be an INED with a background in accounting, banking or 
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5.3.2 


other relevant financial industry. To ensure independence, 
the chair of the audit committee should not also be the chair 
of the board or of any other committee. 


The audit committee as a whole should have adequate 
experience in audit practices, financial reporting and 
accounting and should possess a collective balance of skills 
and expertise which is commensurate with the complexity of 
an Al and its business and risk profile in order to ensure it is 
in a position to discharge its responsibilities effectively. 
Where necessary, it should have access to external expert 
advice at the Al’s expense. See IC-2 for the responsibilities 
of the audit committee. 


5.4 Risk committee 


5.4.1 


5.4.2 


5.4.3 


The risk committee should be distinct from the audit 
committee. See IC-1 for the responsibilities of the risk 
committee. 


The risk committee should be chaired by an INED with a 
background in accounting, banking or other relevant 
financial industry or expertise in risk management. The 
chair of the risk committee should not be the same person 
as the chair of the board or of any other committee. The 
majority of the members of the risk committee should be 
INEDs. The members of the committee should collectively 
possess relevant technical expertise and experience in risk 
disciplines that are adequate to enable them to discharge 
their responsibilities effectively. 


The risk committee should interact regularly with, and 
oversee, the chief risk officer. The committee should also 
receive regular risk reports from the Al’s risk management 
function and chief risk officer. 


5.5 Remuneration committee 


5.5.1 


The remuneration committee should be chaired by an INED. 
The other committee members should be INEDs or, where 
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5.5.2 


executive directors are to be members of the committee, the 
committee should comprise a majority of INEDs. 


The remuneration committee should assist the board in 
discharging its responsibility for the design and operation of 
the Al’s remuneration system, and make recommendations 
in respect of remuneration policy and practices to the board 
(see CG-5). In particular, the committee should (i) make 
recommendations to the board in respect of the 
remuneration packages for the bank’s senior management 
and Key Personnel (see the definition of Key Personnel in 
CG-5) in cases where the approval authority for such 
remuneration packages rests solely with the board; (ii) 
ensure that remuneration is appropriate and consistent with 
the Al’s culture, long-term business and risk appetite, 
performance and control environment as well as with any 
legal or regulatory requirements; and (iii) work closely with 
other relevant committees of the Al’s board, such as the risk 
committee and the audit committee, and consult with the Al’s 
compliance function in evaluating incentives created by the 
remuneration system. 


6. Appointment of directors 


6.1 Fit and proper 


6.1.1 


The board, or its nomination committee (see subsection 5.2), 
should identify, assess and select qualified and experienced 
candidates for appointment as director. For this purpose, 
the board should have formal policies with clear and rigorous 
procedures on the selection and  appointment/re- 
appointment of directors. The policies for selection should 
include a description of the necessary competencies and 
skills required to ensure sufficient expertise. 


The board should satisfy itself that a candidate for 
appointment is a fit and proper person for such appointment, 
taking account of his experience, knowledge, skills, track 
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6.1.4 


record, independence of mind (particularly in the case of 
non-executive directors and INEDs) and other relevant 
factors as may be determined by the board (e.g. the 
candidate’s record of integrity and good repute and the 
candidate’s ability to promote a smooth interaction between 
board members). 


Board candidates should not have any conflict of interest 
that may impede their ability to perform their duties 
independently and objectively or subject them to undue 
influence from: 


° personal, professional or other economic 
relationships with other members of the board 
or management (or with other entities within the 


group); 
° other persons including shareholders; or 
° relationship arising from or connected to past or 


present positions held. 


After appointment, the board should regularly review 
whether each existing director remains qualified for his post. 
If a board member ceases to be qualified or fails to fulfil his 
responsibilities, the board should take appropriate action, 
including notifying the HKMA. 


Under §71 of the Banking Ordinance, the MA has the power 
to approve directors. The fitness and propriety of directors is 
also an authorization criterion under the Seventh Schedule 
to the Ordinance. Thus if a director fails to satisfy the MA 
that he is fit and proper for the position: 


° the consent granted under §71 may be 
withdrawn; and 


° the power to revoke an Al’s authorization may 
become exercisable. 


See also subsection 11.3 on the HKMA’s fit and proper test. 
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Occasionally, a person may act as an alternate to a director. 
However, alternates should only be appointed for directors 
(whether executive and non-executive) on a strictly 
temporary basis, for example where a director is unable to 
attend meetings due to ill health. In any event, alternates 
should not be appointed for INEDs. The HKMA is of the 
view that “alternate directors” have all the obligations 
imposed on the primary directors. In particular, if an 
alternate director attends a board meeting at which 
decisions are taken, that alternate director would share the 
responsibility for such decisions. The HKMA accordingly 
considers that the definition of “director” in the Banking 
Ordinance includes alternate directors and that they are 
therefore subject to the approval requirement under §71 of 
the Ordinance. 


6.2 Commitment 


6.2.1 


6.2.2 


Directors, including non-executive directors and INEDs, are 
expected to contribute actively to the work of the board in 
order to discharge their responsibilities. Therefore, when 
considering an appointment/re-appointment, the board 
should satisfy itself that the candidate is able to commit 
sufficient time, attention and effort to fulfil their 
responsibilities effectively, particularly if the candidate has a 
seat on more than one board or undertakes other 
professional or commercial activities. Given the important 
role and responsibility of the chair of the board, a greater 
time commitment should be expected of the person 
appointed to the chair. 


Individual directors should make every effort to attend all 
meetings of the board and any committees on which they sit 
especially where major issues are to be discussed. If 
necessary and where permitted under law, regulation and 
the constitutional documents of the Al, the participation of 
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directors in board meetings can be facilitated by means of 
video or telephone conferencing. “ 
6.3 Succession 


6.3.1 The board should have plans for orderly succession in 
respect of appointments to the board, so as to maintain an 
appropriate balance of skills and experience on the board. 


7. Board qualification and training 


7.1 


7.2 


7.3 


The board should possess, both as individual board members and 
collectively, appropriate experience, competencies and personal 
qualities, including professionalism and integrity, to discharge its 
responsibilities adequately and effectively. Members of the board 
should have up-to-date understanding of the nature of an Aľs 
business and its associated risks commensurate with their 
responsibilities. The board collectively should have adequate 
knowledge and expertise relevant to each of the material business 
activities the Al pursues (or intends to pursue) and the associated 
risks in order to ensure effective governance and oversight. 


Board members should be and remain qualified for their position. To 
help board members acquire, maintain and enhance their knowledge 
and skills in order to fulfil their responsibilities, the board should 
ensure that its members participate in induction programmes and 
have access to ongoing training covering relevant issues (drawing 
on external expertise where necessary). Induction programmes for 
new members of the board aim to familiarise them with their role and 
responsibilities, and the Al’s business strategy and operations, 
corporate values, governance and internal control system. 


The board should identify and meet the training needs of individual 
members and of the board collectively. More extensive efforts 
should be made to train and keep updated those board members 


a Participation in board meetings by means of video or telephone conferencing is regarded as 
attendance and should be recorded as such. 
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7.4 


with more limited financial, regulatory or risk-related experience. As 
part of this process, the board should take into account 
developments in areas such as products and markets, business 
operations, risk profile, and the risk management tools and models 
used by the institution; as well as changes in laws, regulations and 
supervisory standards relevant to the Al’s activities. Processes 
should be in place to regularly evaluate the effectiveness of training 
provided to individual members of the board and the board as a 
whole. 


The board should provide sufficient time, budget and other 
resources for developing and updating its members’ knowledge and 
capabilities as necessary to enable them to fulfil their responsibilities 
effectively and efficiently. 


8. Board performance evaluation 


8.1 


8.2 


To support board performance and improve the ongoing functioning 
of the board, the board should undertake regular assessments (at 
least annually) of the effectiveness of the board as a whole and of its 
specialized committees. The board should: 


° periodically review its structure, size and composition, 
as well as that of its specialized committees and the 
coordination between them; 


° determine if the board or its committees collectively 
lack any skills or expertise to discharge their 
responsibilities effectively, and identify steps for 
improvement; and 


° review the effectiveness of its own governance 
practices and procedures, determine any 
improvements that may be needed, and make any 
necessary changes. 


The ongoing suitability of each board member should be assessed 
by the board at least annually, taking into account the member's 
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performance during meetings of the board and, where relevant, its 
specialized committees, and other relevant factors as appropriate. 


8.3 To enhance the objectivity of the assessment, the board may 
engage external consultants or facilitators to provide assistance in 
the evaluation process. 


8.4 Where the performance of individual board members does not meet 
expectations or there is serious concern on a member's integrity, the 
board should take timely and appropriate action, including seeking 
the resignation of the director concerned or the appointment of new 
members. 


9. Governance in group structures 


9.1 Alas a parent or holding company 


9.1.1 


Where an Al is a parent or holding company, the Al’s board 
should ensure that there are governance strategies and 
governance policies and procedures in place appropriate to 
the structure, business and risks of the group as a whole 
and its component entities. The Al should recognise that it 
may ultimately have to support its subsidiaries over and 
above the extent of any direct legal liability. The Al's capital 
adequacy, liquidity and risk exposures should all be 
considered with this in mind. 


The board of the Al should be aware of the material risks 
and issues that may affect both the institution itself and its 
subsidiaries, and should therefore exercise adequate 
oversight over the activities of the subsidiaries while 
respecting the independent legal and governance 
responsibilities that apply to subsidiary boards. The board of 
the Al should ensure that enough resources are available for 
each subsidiary to meet both group standards and local 
governance standards. 


In order to fulfil its corporate governance responsibilities, the 
board of the Al should, among other things: 
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e establish a group structure and a corporate 
governance framework with clearly defined roles 
and responsibilities, including at the parent 
company level and at the subsidiary level as 
appropriate based on the complexity and 
significance of the subsidiary and taking into 
account applicable legal or regulatory 
requirements; 


° define an appropriate subsidiary board and 
management structure which takes into account 
the material risks to which the group, its 
businesses and its subsidiaries are exposed and 
applicable legal or regulatory requirements"; 


e assess whether the  group’s corporate 
governance framework includes adequate 
policies, processes and controls and whether it 
sufficiently addresses risk management across 
the businesses and legal entity structures within 
the group; 


o ensure the group’s corporate governance 
framework includes appropriate processes and 
controls to identify and address potential 
intragroup conflicts of interest; 


° have sufficient resources to monitor the 
compliance of subsidiaries with all applicable 
legal, regulatory and governance requirements; 


° maintain an effective relationship with both the 
home regulator (i.e. HKMA) and, through the 
subsidiary board or direct contact, with the 
regulators of all subsidiaries; and 





19 Applicable to the extent practicable for subsidiaries which are not wholly owned by the Al. Where an 
Al’s subsidiary conducts key parts of the business of the Al as a group, the Al is expected to have 
control over the key functions of its subsidiary. 
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° establish an effective internal audit function that 
ensures audits are being performed at the 
subsidiary level (either within the subsidiary or for 
the subsidiary), and for parts of the group (where 
necessary), as well as at the group level. 


9.2 Alas a regulated subsidiary 


9.2.1 


Where an Al belongs to a larger group of companies, the 
board of the Al might generally be expected to align the Al’s 
strategic objectives, risk governance arrangements, 
corporate values and governance principles with those of its 
parent company. Key governance strategies, policies and 
procedures of the Al may be determined and centralised at 
the holding company level. 


The subsidiary Al is however a separate legal entity, and its 
directors are not absolved from responsibility in relation to 
the effects of policies and actions that are applied to the Al 
irrespective of whether this is “group” policy or strategy. The 
board of the Al retains its own corporate governance 
responsibilities and will be ultimately responsible for the 
implementation and effectiveness of all group policies and 
practices applied to the Al and for the conduct and financial 
soundness of the Al. 


To ensure that the group policy does not put the Al in breach 
of any applicable legal, regulatory or supervisory rules or 
standards, the board should provide appropriate input to the 
formulation of group policy or conduct timely evaluation of 
any group-level policies. If the board is not satisfied that the 
group-level policies and practices are appropriate in the 
circumstances of the Al, the board should notify the holding 
company and discuss appropriate modifications. Similarly, if 
the group policy set by the holding company may, in the 
board’s opinion, conflict with any applicable legal or 
regulatory requirement or may be detrimental to the sound 
and prudent operation of the Al, or if the holding company 
does not respond adequately to the concerns raised by the 
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board, the board should record its dissent to the policies and 
practices of the holding company and take necessary 
actions to protect the Al. In such a situation, the board 
should consider seeking independent professional advice 
and raising the issue with the HKMA. 


9.2.4 In developing or adopting effective risk management 
processes for an Al, the board and senior management 
should endeavour to ensure that such processes are 
capable of supporting risk reporting and risk management at 
the group level. 


10.Controls on structures established on behalf of customers 
10.1 The board and senior management of an Al should fully appreciate 


and understand the extent to which an Al may be indirectly exposed 
to risk when it performs certain services, or establishes structures, 
on behalf of customers. For example, the Al may provide a range of 
trustee services or develop complex structured finance transactions 
for customers. These activities can serve the legitimate business 
purposes of customers. However, in some cases customers may 
use products, structures or services provided by the Al to engage in 
illegal or inappropriate activities, which in turn pose significant legal 
and reputation risks to the Al concerned. To this end, senior 
management, and the board as appropriate, should, among other 
things, be vigilant in: 


e maintaining and reviewing, on an ongoing basis, 
appropriate strategies, policies and procedures 
governing the approval and maintenance of such 
products, structures and services; 


e periodically monitoring such products, structures and 
services to ensure that they remain consistent with 
their established purpose and are not held, operated or 
used without adequate justification; and 


e establishing adequate procedures to identify and 
manage all material risks arising from these activities. 
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The Al should only engage in these activities if the 
material financial, legal and reputational risks can be 
properly identified, assessed and managed. 


11.Supervisory processes for evaluation of governance 


11.1 Supervisory review process 


11.1.1 


11.1.2 


Board and senior management oversight of an Al is one of 
the key areas that will be reviewed and assessed in the 
HKMA’s annual Supervisory Review Process (see CA-G-5). 
The result will inform the HKMA in its setting of supervisory 
priorities for the Al concerned. The factors taken into 
account by the HKMA will include the extent to which the 
Al’s corporate governance framework reflects the standards 
in this module having regard to the nature, scale and 
complexity of the Al’s business and its organisational 
structure. 


In order to facilitate the HKMA’s evaluation, the HKMA may 
require the Al to provide information relating to its corporate 
governance policies and practices and their implementation. 
That information may include the following: 


° mandate of the board and terms of reference of 
its committees; 


e information packages for, and the attendance 
record and minutes of, board meetings and the 
meetings of board committees; 


° board committees’ reports to the full board and 
the regular reports of the Al’s internal control 
functions to the board and board committees; 


e internal audit reports, external auditors’ reports 
and management letters from external auditors 
together with the comments of management; 


° board performance evaluation reports; 
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e strategies adopted by the Al regarding the 
establishment and maintenance of structures 
(including units, branches, subsidiaries or other 
legal entities) within the group, as well as the Al’s 
internal control measures with respect to the 
structures established on behalf of customers; 


° the Al’s conflicts of interest policy; 
e the Al’s Code of Conduct; and 
° the Al’s risk appetite statement. 


11.2 Communication with the board and senior management 


11.2.1 


11.2.2 


On a regular basis, the HKMA will communicate with 
relevant staff of an Al and, where considered appropriate, 
the Al’s external auditors, to understand and assess the 
robustness and effectiveness of the institution’s corporate 
governance framework. Relevant staff may include the Al’s 
senior management, personnel responsible for risk 
management, compliance and internal audit functions, and, 
where necessary, individual directors. In the case of 
licensed banks and any other Al designated by the MA 
under §3S or §3U of the Banking (Capital) Rules as 
systemically important, the HKMA will normally meet with the 
full board, audit committee or risk committee of such 
institution at least once every year. 


Where deficiencies are identified in an Al’s corporate 
governance framework, the HKMA will require the Al’s board 
or senior management, as appropriate, to take timely 
remedial action. 


11.3 Fit and proper test 


11.3.1 


The HKMA will evaluate the processes and criteria used by 
Als in the selection of board members and senior 
management. To enable the HKMA to consider whether a 
proposed candidate for appointment to an Al’s board or as 
its chief executive, alternate chief executive or executive 
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officer (within the meaning in the Banking Ordinance) is fit 
and proper to carry out his duties, the HKMA may, where the 
HKMA considers it appropriate, conduct a face-to-face 
meeting with the candidate. This will allow the HKMA to 
assess first-hand the candidate’s personal qualities, skills, 
knowledge and understanding of the Al’s business and key 
regulatory and supervisory requirements (such as 
requirements relating to risk management practices, capital 
adequacy and liquidity) and whether he will be able to fulfil 
adequately the role for which he is being considered. 


With regard to the appointment of persons undertaking key 
control functions who fall within the definition of “manager” in 
the Banking Ordinance, an Al should be prepared to 
demonstrate to the satisfaction of the MA that they have 
adequate systems of control and that such systems are 
working effectively to ensure that any such persons are fit 
and proper to hold their position within the Al. Nevertheless, 
the primary responsibility for ensuring that board members 
and senior management are fit and proper for their roles 
rests with the board. 


The HKMA will monitor the individual and collective 
suitability of board members and senior management. 
Given the on-going nature of the “fit and proper” criterion 
applicable to directors and senior management, the HKMA 
may also conduct meetings with serving directors or senior 
management of an Al where necessary. In turn, the Al 
should notify the HKMA as soon as it becomes aware of any 
material information which may negatively affect the fitness 
and propriety of a board member or a member of the senior 
management. 
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